@equalsJeffH To clarify, this PR doesn't attempt to address the silent auth situation at all. The difference between an authenticator that does user verification and one that doesn't is whether the user needs to show a fingerprint/face/pin to authenticate. An authenticator that doesn't do user verification is one that authenticates user based on only tapping or touching of the button. But the user in this case still made a move. Maybe instead of a binary object, I will change it to a enum to clarify this. -- GitHub Notification of comment by AngeloKai Please view or discuss this issue at https://github.com/w3c/webauthn/pull/348#issuecomment-282177039 using your GitHub accountReceived on Friday, 24 February 2017 01:32:06 UTC
This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 07:26:24 UTC